Thanks Varun, " With 5.1 GlobalProtect App, as an admin, you can set Disable Option to Not Allow on Dynamic App Config on the firewall to prevent users from disabling GlobalProtect." Will that also prevent users from stopping the actual GP service? We already have it configured to stop users from disabling it through the GP App, and that works, but they have found they can simply go into services.msc and disable the service, then kill the GP app through task manager. This effectively allows them to completely turn off GP. The only difference there is we are currently using agent version 4.1.x not 5.1.
... View more